ISO IEC 27000-2018 PDF
Name in English:
St ISO IEC 27000-2018
Name in Russian:
Ст ISO IEC 27000-2018
Original standard ISO IEC 27000-2018 in PDF, full version. Additional information and a preview are available on request.
Full title and description
ISO/IEC 27000:2018 — Information technology — Security techniques — Information security management systems — Overview and vocabulary. This International Standard provides a short overview of the ISO/IEC 27000 family (ISMS standards) and a common vocabulary of terms and definitions used across the series to support consistent interpretation and implementation.
Abstract
ISO/IEC 27000:2018 gives an introduction to information security management systems (ISMS) and provides commonly used terms and definitions for the ISO/IEC 27000 family. It is intended to be applicable to organizations of all types and sizes and to support consistent use of terminology across related standards such as ISO/IEC 27001 and ISO/IEC 27002.
General information
- Status: Published
- Publication date: February 2018 (2018-02-07)
- Publisher: International Organization for Standardization (ISO) / International Electrotechnical Commission (IEC) (joint)
- ICS / categories: 35.030; 01.040.35
- Edition / version: Edition 5 (2018)
- Number of pages: 27
Key bibliographic details above are taken from the official standard records and the IEC/ISO publication metadata.
Scope
ISO/IEC 27000:2018 defines the scope and purpose of the ISMS family by providing an overview of information security management systems and supplying standardized terms and definitions used throughout the series. It clarifies which common terms are covered, notes that it does not (and cannot) include every possible term used in the ISMS family, and does not prevent other standards in the series from defining additional terms. The document is framed for use by any organization regardless of size, type or sector.
Key topics and requirements
- Overview of the ISO/IEC 27000 series and the role of ISO/IEC 27000 within the series.
- Standardized vocabulary and definitions for ISMS concepts (e.g., information security, asset, risk, control, confidentiality, integrity, availability).
- Guidance on the intended use of terms across other ISO/IEC 27000 family standards.
- Clarification that the vocabulary is indicative and that other documents may define additional or more specific terms.
- Applicability across all organization types and sizes rather than prescriptive controls or implementation requirements (those are in other standards such as ISO/IEC 27001 and ISO/IEC 27002).
Typical use and users
Used as a baseline reference by information security managers, implementers, internal and external auditors, standards writers, trainers, and consultants who need consistent terminology when designing, assessing or communicating about ISMSs and related practices. It is frequently consulted when organizations adopt or align with ISO/IEC 27001 and when creating policies, procedures and training materials that must reference standardized definitions.
Related standards
Part of the ISO/IEC 27000 family. Most directly related to ISO/IEC 27001 (requirements for an ISMS), ISO/IEC 27002 (code of practice / controls guidance) and ISO/IEC 27005 (information security risk management). It provides the vocabulary used across these and other family members (e.g., sector- or topic-specific extensions).
Keywords
ISMS, information security, vocabulary, definitions, ISO/IEC 27000 series, overview, controls, risk, confidentiality, integrity, availability.
FAQ
Q: What is this standard?
A: ISO/IEC 27000:2018 is the overview and vocabulary standard for the ISO/IEC 27000 family; it explains the scope of the series and provides standardized terms and definitions for information security management systems.
Q: What does it cover?
A: It covers an introduction to ISMS concepts and a glossary of commonly used terms and definitions; it does not contain requirements for implementing controls (those are in ISO/IEC 27001 and ISO/IEC 27002).
Q: Who typically uses it?
A: Information security professionals, implementers, auditors, consultants, trainers, and standards developers who need consistent and authoritative terminology when working with the ISO/IEC 27000 series.
Q: Is it current or superseded?
A: The current published edition is ISO/IEC 27000:2018 (Edition 5). The standard is subject to the ISO review cycle and records indicate it has been reviewed and flagged for revision activities; users should check national or official catalogs for any amendments or a newer edition if exact current status is critical.
Q: Is it part of a series?
A: Yes — it is the foundational vocabulary/overview document for the ISO/IEC 27000 series, which includes standards such as ISO/IEC 27001, ISO/IEC 27002, ISO/IEC 27005 and other specialized family members.
Q: What are the key keywords?
A: ISMS, information security, vocabulary, definitions, risk, control, confidentiality, integrity, availability.